00001 00004 /* 00005 * OpenSSL wrapper contributed by David Barett 00006 */ 00007 #ifndef XYSSL_OPENSSL_H 00008 #define XYSSL_OPENSSL_H 00009 00010 #include "xyssl/aes.h" 00011 #include "xyssl/md5.h" 00012 #include "xyssl/rsa.h" 00013 #include "xyssl/sha1.h" 00014 00015 #define AES_SIZE 16 00016 #define AES_BLOCK_SIZE 16 00017 #define AES_KEY aes_context 00018 #define MD5_CTX md5_context 00019 #define SHA_CTX sha1_context 00020 00021 #define SHA1_Init( CTX ) \ 00022 sha1_starts( (CTX) ) 00023 #define SHA1_Update( CTX, BUF, LEN ) \ 00024 sha1_update( (CTX), (unsigned char *)(BUF), (LEN) ) 00025 #define SHA1_Final( OUT, CTX ) \ 00026 sha1_finish( (CTX), (OUT) ) 00027 00028 #define MD5_Init( CTX ) \ 00029 md5_starts( (CTX) ) 00030 #define MD5_Update( CTX, BUF, LEN ) \ 00031 md5_update( (CTX), (unsigned char *)(BUF), (LEN) ) 00032 #define MD5_Final( OUT, CTX ) \ 00033 md5_finish( (CTX), (OUT) ) 00034 00035 #define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \ 00036 aes_setkey_enc( (CTX), (KEY), (KEYSIZE) ) 00037 #define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \ 00038 aes_setkey_dec( (CTX), (KEY), (KEYSIZE) ) 00039 #define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \ 00040 aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) ) 00041 00042 /* 00043 * RSA stuff follows. TODO: needs cleanup 00044 */ 00045 inline int __RSA_Passthrough( void *output, void *input, int size ) 00046 { 00047 memcpy( output, input, size ); 00048 return size; 00049 } 00050 00051 inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr, 00052 int len ) 00053 { 00054 unsigned char *buffer = *(unsigned char **) bufptr; 00055 rsa_context *rsa; 00056 00057 /* 00058 * Not a general-purpose parser: only parses public key from *exactly* 00059 * openssl genrsa -out privkey.pem 512 (or 1024) 00060 * openssl rsa -in privkey.pem -out privatekey.der -outform der 00061 * openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout 00062 * 00063 * TODO: make a general-purpose parse 00064 */ 00065 if( ignore != 0 || ( len != 94 && len != 162 ) ) 00066 return( 0 ); 00067 00068 rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) ); 00069 if( rsa == NULL ) 00070 return( 0 ); 00071 00072 memset( rsa, 0, sizeof( rsa_context ) ); 00073 00074 if( ( len == 94 && 00075 mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 && 00076 mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) || 00077 ( len == 162 && 00078 mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) && 00079 mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 ) 00080 { 00081 /* 00082 * key read successfully 00083 */ 00084 rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3; 00085 return( rsa ); 00086 } 00087 else 00088 { 00089 memset( rsa, 0, sizeof( rsa_context ) ); 00090 free( rsa ); 00091 return( 0 ); 00092 } 00093 } 00094 00095 #define RSA rsa_context 00096 #define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */ 00097 #define RSA_size( CTX ) (CTX)->len 00098 #define RSA_free( CTX ) rsa_free( CTX ) 00099 #define ERR_get_error( ) "ERR_get_error() not supported" 00100 #define RSA_blinding_off( IGNORE ) 00101 00102 #define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */ 00103 00104 inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; } 00105 inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; } 00106 inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; } 00107 inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; } 00108 00109 #ifdef __cplusplus 00110 } 00111 #endif 00112 00113 #endif /* openssl.h */